Results 1 to 8 of 8

Thread: ZoneAlarm Security Advisory

  1. #1
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,424

    Exclamation ZoneAlarm Security Advisory

    ZoneAlarm Security Advisory
    A security vulnerability exists in specific versions of ZoneAlarm®, ZoneAlarm Pro, ZoneAlarm Plus and the Zone Labs Integrity™ client. This vulnerability is caused by an unchecked buffer in Simple Mail Transfer Protocol (SMTP) processing which could lead to a buffer overflow. In order to exploit the vulnerability without user assistance, the target system must be operating as an SMTP server. Zone Labs does not recommend using our client security products to protect servers.

    Upgrading an affected Zone Labs product will remove this vulnerability.
    Patch time!

  2. #2
    Yup,

    I already grabed that, but always think it's funny when a security program has a flaw. Yes, i know that no one is perfect, its just kinda ironic, thats all

  3. #3
    Senior Member
    Join Date
    May 2002
    Posts
    256
    UPDATE: A FREE WORK AROUND : You can directly download the latest FULL installation of your ZoneLab version and use its UPGRADE function to update your previously registered version. It will preserve your previous registration info and configurations. It worked for me ;) Here are the respective links over at MajorGeeks :

    ZoneAlarm Free 4.5.538.001 http://www.majorgeeks.com/download388.html
    ZoneAlarm Pro 4.5.538.001 http://www.majorgeeks.com/download2671.html
    ZoneAlarm Plus 4.5.538.001 http://www.majorgeeks.com/download744.html

  4. #4
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    Oh darn, I upgraded before I knew about the vulnerability. Thanks for blowing my whole day.....lol

    Actually I don't believe the 4.5.538 version had been out for very long. Seems like I installed it only a little while ago. So I patched a patch with 4.5.538.001


    Anyway, thanks for the thread and links

  5. #5
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Relyt

    Just checked my "updates" folder:

    #538: 27th January
    #538.001: 19th February

    Thanks for the heads up


  6. #6
    Senior Member
    Join Date
    Feb 2002
    Posts
    518
    "Zone Labs does not recommend using our client security products to protect servers."

    LOL. Ya think?
    this is why I like hardware firewalls a lot more.
    I personally run a netopia R910 and love it
    used to use a linksys, but found out that whenever a serious amount of traffic was sent to my servers it choked...and needed a reset.
    Remember -
    The ark was built by amatures...
    The Titanic was built by professionals.

  7. #7
    Senior Member
    Join Date
    May 2002
    Posts
    256
    I just went wireless with my firewall/router and Im loving it...sucha great thing to have online access outside of my house, and to be able to 128bit secure it as well...knock on wood, so far so good. netgear hasnt done me wrong, yet.
    Sex is like \"Social Security\". You get a little each month, but it\'s not enough to live on.

  8. #8
    Senior Member
    Join Date
    Feb 2002
    Posts
    518
    just watch those logs...make sure no ones getting a free look at the network behind the firewall... once you connect wireless, you are hitting the router part.... and it is considered inside access.
    Remember -
    The ark was built by amatures...
    The Titanic was built by professionals.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •